Actively exploited vulnerability

CVE-2022-2856: Google Chromium Intents Insufficient Input Validation Vulnerability

Google Chromium Intents contains an insufficient validation of untrusted input vulnerability that allows a remote attacker to browse to a malicious website via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

CISA KEV source 18 Aug 2022 added 8 Sep 2022 remediation due

Affected product

Google ยท Chromium Intents

Known ransomware use: Unknown

Required action

Follow the source advisory and validate exposure in your environment.

Apply updates per vendor instructions.

Related Yasna coverage

Recent reporting that mentions CVE-2022-2856.